search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
of: MSI: Simplify irqdomain lookup
[linux/fpc-iii.git] / net / bluetooth / hci_sock.c
blobb1eb8c09a66016c2cbcca79dcf3bb533bb85ec02
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22 SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth HCI sockets. */
26
27 #include <linux/export.h>
28 #include <asm/unaligned.h>
29
30 #include <net/bluetooth/bluetooth.h>
31 #include <net/bluetooth/hci_core.h>
32 #include <net/bluetooth/hci_mon.h>
33 #include <net/bluetooth/mgmt.h>
34
35 #include "mgmt_util.h"
36
37 static LIST_HEAD(mgmt_chan_list);
38 static DEFINE_MUTEX(mgmt_chan_list_lock);
39
40 static atomic_t monitor_promisc = ATOMIC_INIT(0);
41
42 /* ----- HCI socket interface ----- */
43
44 /* Socket info */
45 #define hci_pi(sk) ((struct hci_pinfo *) sk)
46
47 struct hci_pinfo {
48 struct bt_sock bt;
49 struct hci_dev *hdev;
50 struct hci_filter filter;
51 __u32 cmsg_mask;
52 unsigned short channel;
53 unsigned long flags;
54 };
55
56 void hci_sock_set_flag(struct sock *sk, int nr)
57 {
58 set_bit(nr, &hci_pi(sk)->flags);
59 }
60
61 void hci_sock_clear_flag(struct sock *sk, int nr)
62 {
63 clear_bit(nr, &hci_pi(sk)->flags);
64 }
65
66 int hci_sock_test_flag(struct sock *sk, int nr)
67 {
68 return test_bit(nr, &hci_pi(sk)->flags);
69 }
70
71 unsigned short hci_sock_get_channel(struct sock *sk)
72 {
73 return hci_pi(sk)->channel;
74 }
75
76 static inline int hci_test_bit(int nr, const void *addr)
77 {
78 return *((const __u32 *) addr + (nr >> 5)) & ((__u32) 1 << (nr & 31));
79 }
80
81 /* Security filter */
82 #define HCI_SFLT_MAX_OGF 5
83
84 struct hci_sec_filter {
85 __u32 type_mask;
86 __u32 event_mask[2];
87 __u32 ocf_mask[HCI_SFLT_MAX_OGF + 1][4];
88 };
89
90 static const struct hci_sec_filter hci_sec_filter = {
91 /* Packet types */
92 0x10,
93 /* Events */
94 { 0x1000d9fe, 0x0000b00c },
95 /* Commands */
96 {
97 { 0x0 },
98 /* OGF_LINK_CTL */
99 { 0xbe000006, 0x00000001, 0x00000000, 0x00 },
100 /* OGF_LINK_POLICY */
101 { 0x00005200, 0x00000000, 0x00000000, 0x00 },
102 /* OGF_HOST_CTL */
103 { 0xaab00200, 0x2b402aaa, 0x05220154, 0x00 },
104 /* OGF_INFO_PARAM */
105 { 0x000002be, 0x00000000, 0x00000000, 0x00 },
106 /* OGF_STATUS_PARAM */
107 { 0x000000ea, 0x00000000, 0x00000000, 0x00 }
108 }
109 };
110
111 static struct bt_sock_list hci_sk_list = {
112 .lock = __RW_LOCK_UNLOCKED(hci_sk_list.lock)
113 };
114
115 static bool is_filtered_packet(struct sock *sk, struct sk_buff *skb)
116 {
117 struct hci_filter *flt;
118 int flt_type, flt_event;
119
120 /* Apply filter */
121 flt = &hci_pi(sk)->filter;
122
123 flt_type = bt_cb(skb)->pkt_type & HCI_FLT_TYPE_BITS;
124
125 if (!test_bit(flt_type, &flt->type_mask))
126 return true;
127
128 /* Extra filter for event packets only */
129 if (bt_cb(skb)->pkt_type != HCI_EVENT_PKT)
130 return false;
131
132 flt_event = (*(__u8 *)skb->data & HCI_FLT_EVENT_BITS);
133
134 if (!hci_test_bit(flt_event, &flt->event_mask))
135 return true;
136
137 /* Check filter only when opcode is set */
138 if (!flt->opcode)
139 return false;
140
141 if (flt_event == HCI_EV_CMD_COMPLETE &&
142 flt->opcode != get_unaligned((__le16 *)(skb->data + 3)))
143 return true;
144
145 if (flt_event == HCI_EV_CMD_STATUS &&
146 flt->opcode != get_unaligned((__le16 *)(skb->data + 4)))
147 return true;
148
149 return false;
150 }
151
152 /* Send frame to RAW socket */
153 void hci_send_to_sock(struct hci_dev *hdev, struct sk_buff *skb)
154 {
155 struct sock *sk;
156 struct sk_buff *skb_copy = NULL;
157
158 BT_DBG("hdev %p len %d", hdev, skb->len);
159
160 read_lock(&hci_sk_list.lock);
161
162 sk_for_each(sk, &hci_sk_list.head) {
163 struct sk_buff *nskb;
164
165 if (sk->sk_state != BT_BOUND || hci_pi(sk)->hdev != hdev)
166 continue;
167
168 /* Don't send frame to the socket it came from */
169 if (skb->sk == sk)
170 continue;
171
172 if (hci_pi(sk)->channel == HCI_CHANNEL_RAW) {
173 if (bt_cb(skb)->pkt_type != HCI_COMMAND_PKT &&
174 bt_cb(skb)->pkt_type != HCI_EVENT_PKT &&
175 bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
176 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT)
177 continue;
178 if (is_filtered_packet(sk, skb))
179 continue;
180 } else if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
181 if (!bt_cb(skb)->incoming)
182 continue;
183 if (bt_cb(skb)->pkt_type != HCI_EVENT_PKT &&
184 bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
185 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT)
186 continue;
187 } else {
188 /* Don't send frame to other channel types */
189 continue;
190 }
191
192 if (!skb_copy) {
193 /* Create a private copy with headroom */
194 skb_copy = __pskb_copy_fclone(skb, 1, GFP_ATOMIC, true);
195 if (!skb_copy)
196 continue;
197
198 /* Put type byte before the data */
199 memcpy(skb_push(skb_copy, 1), &bt_cb(skb)->pkt_type, 1);
200 }
201
202 nskb = skb_clone(skb_copy, GFP_ATOMIC);
203 if (!nskb)
204 continue;
205
206 if (sock_queue_rcv_skb(sk, nskb))
207 kfree_skb(nskb);
208 }
209
210 read_unlock(&hci_sk_list.lock);
211
212 kfree_skb(skb_copy);
213 }
214
215 /* Send frame to sockets with specific channel */
216 void hci_send_to_channel(unsigned short channel, struct sk_buff *skb,
217 int flag, struct sock *skip_sk)
218 {
219 struct sock *sk;
220
221 BT_DBG("channel %u len %d", channel, skb->len);
222
223 read_lock(&hci_sk_list.lock);
224
225 sk_for_each(sk, &hci_sk_list.head) {
226 struct sk_buff *nskb;
227
228 /* Ignore socket without the flag set */
229 if (!hci_sock_test_flag(sk, flag))
230 continue;
231
232 /* Skip the original socket */
233 if (sk == skip_sk)
234 continue;
235
236 if (sk->sk_state != BT_BOUND)
237 continue;
238
239 if (hci_pi(sk)->channel != channel)
240 continue;
241
242 nskb = skb_clone(skb, GFP_ATOMIC);
243 if (!nskb)
244 continue;
245
246 if (sock_queue_rcv_skb(sk, nskb))
247 kfree_skb(nskb);
248 }
249
250 read_unlock(&hci_sk_list.lock);
251 }
252
253 /* Send frame to monitor socket */
254 void hci_send_to_monitor(struct hci_dev *hdev, struct sk_buff *skb)
255 {
256 struct sk_buff *skb_copy = NULL;
257 struct hci_mon_hdr *hdr;
258 __le16 opcode;
259
260 if (!atomic_read(&monitor_promisc))
261 return;
262
263 BT_DBG("hdev %p len %d", hdev, skb->len);
264
265 switch (bt_cb(skb)->pkt_type) {
266 case HCI_COMMAND_PKT:
267 opcode = cpu_to_le16(HCI_MON_COMMAND_PKT);
268 break;
269 case HCI_EVENT_PKT:
270 opcode = cpu_to_le16(HCI_MON_EVENT_PKT);
271 break;
272 case HCI_ACLDATA_PKT:
273 if (bt_cb(skb)->incoming)
274 opcode = cpu_to_le16(HCI_MON_ACL_RX_PKT);
275 else
276 opcode = cpu_to_le16(HCI_MON_ACL_TX_PKT);
277 break;
278 case HCI_SCODATA_PKT:
279 if (bt_cb(skb)->incoming)
280 opcode = cpu_to_le16(HCI_MON_SCO_RX_PKT);
281 else
282 opcode = cpu_to_le16(HCI_MON_SCO_TX_PKT);
283 break;
284 case HCI_DIAG_PKT:
285 opcode = cpu_to_le16(HCI_MON_VENDOR_DIAG);
286 break;
287 default:
288 return;
289 }
290
291 /* Create a private copy with headroom */
292 skb_copy = __pskb_copy_fclone(skb, HCI_MON_HDR_SIZE, GFP_ATOMIC, true);
293 if (!skb_copy)
294 return;
295
296 /* Put header before the data */
297 hdr = (void *) skb_push(skb_copy, HCI_MON_HDR_SIZE);
298 hdr->opcode = opcode;
299 hdr->index = cpu_to_le16(hdev->id);
300 hdr->len = cpu_to_le16(skb->len);
301
302 hci_send_to_channel(HCI_CHANNEL_MONITOR, skb_copy,
303 HCI_SOCK_TRUSTED, NULL);
304 kfree_skb(skb_copy);
305 }
306
307 static struct sk_buff *create_monitor_event(struct hci_dev *hdev, int event)
308 {
309 struct hci_mon_hdr *hdr;
310 struct hci_mon_new_index *ni;
311 struct hci_mon_index_info *ii;
312 struct sk_buff *skb;
313 __le16 opcode;
314
315 switch (event) {
316 case HCI_DEV_REG:
317 skb = bt_skb_alloc(HCI_MON_NEW_INDEX_SIZE, GFP_ATOMIC);
318 if (!skb)
319 return NULL;
320
321 ni = (void *)skb_put(skb, HCI_MON_NEW_INDEX_SIZE);
322 ni->type = hdev->dev_type;
323 ni->bus = hdev->bus;
324 bacpy(&ni->bdaddr, &hdev->bdaddr);
325 memcpy(ni->name, hdev->name, 8);
326
327 opcode = cpu_to_le16(HCI_MON_NEW_INDEX);
328 break;
329
330 case HCI_DEV_UNREG:
331 skb = bt_skb_alloc(0, GFP_ATOMIC);
332 if (!skb)
333 return NULL;
334
335 opcode = cpu_to_le16(HCI_MON_DEL_INDEX);
336 break;
337
338 case HCI_DEV_SETUP:
339 if (hdev->manufacturer == 0xffff)
340 return NULL;
341
342 /* fall through */
343
344 case HCI_DEV_UP:
345 skb = bt_skb_alloc(HCI_MON_INDEX_INFO_SIZE, GFP_ATOMIC);
346 if (!skb)
347 return NULL;
348
349 ii = (void *)skb_put(skb, HCI_MON_INDEX_INFO_SIZE);
350 bacpy(&ii->bdaddr, &hdev->bdaddr);
351 ii->manufacturer = cpu_to_le16(hdev->manufacturer);
352
353 opcode = cpu_to_le16(HCI_MON_INDEX_INFO);
354 break;
355
356 case HCI_DEV_OPEN:
357 skb = bt_skb_alloc(0, GFP_ATOMIC);
358 if (!skb)
359 return NULL;
360
361 opcode = cpu_to_le16(HCI_MON_OPEN_INDEX);
362 break;
363
364 case HCI_DEV_CLOSE:
365 skb = bt_skb_alloc(0, GFP_ATOMIC);
366 if (!skb)
367 return NULL;
368
369 opcode = cpu_to_le16(HCI_MON_CLOSE_INDEX);
370 break;
371
372 default:
373 return NULL;
374 }
375
376 __net_timestamp(skb);
377
378 hdr = (void *) skb_push(skb, HCI_MON_HDR_SIZE);
379 hdr->opcode = opcode;
380 hdr->index = cpu_to_le16(hdev->id);
381 hdr->len = cpu_to_le16(skb->len - HCI_MON_HDR_SIZE);
382
383 return skb;
384 }
385
386 static void send_monitor_replay(struct sock *sk)
387 {
388 struct hci_dev *hdev;
389
390 read_lock(&hci_dev_list_lock);
391
392 list_for_each_entry(hdev, &hci_dev_list, list) {
393 struct sk_buff *skb;
394
395 skb = create_monitor_event(hdev, HCI_DEV_REG);
396 if (!skb)
397 continue;
398
399 if (sock_queue_rcv_skb(sk, skb))
400 kfree_skb(skb);
401
402 if (!test_bit(HCI_RUNNING, &hdev->flags))
403 continue;
404
405 skb = create_monitor_event(hdev, HCI_DEV_OPEN);
406 if (!skb)
407 continue;
408
409 if (sock_queue_rcv_skb(sk, skb))
410 kfree_skb(skb);
411
412 if (test_bit(HCI_UP, &hdev->flags))
413 skb = create_monitor_event(hdev, HCI_DEV_UP);
414 else if (hci_dev_test_flag(hdev, HCI_SETUP))
415 skb = create_monitor_event(hdev, HCI_DEV_SETUP);
416 else
417 skb = NULL;
418
419 if (skb) {
420 if (sock_queue_rcv_skb(sk, skb))
421 kfree_skb(skb);
422 }
423 }
424
425 read_unlock(&hci_dev_list_lock);
426 }
427
428 /* Generate internal stack event */
429 static void hci_si_event(struct hci_dev *hdev, int type, int dlen, void *data)
430 {
431 struct hci_event_hdr *hdr;
432 struct hci_ev_stack_internal *ev;
433 struct sk_buff *skb;
434
435 skb = bt_skb_alloc(HCI_EVENT_HDR_SIZE + sizeof(*ev) + dlen, GFP_ATOMIC);
436 if (!skb)
437 return;
438
439 hdr = (void *) skb_put(skb, HCI_EVENT_HDR_SIZE);
440 hdr->evt = HCI_EV_STACK_INTERNAL;
441 hdr->plen = sizeof(*ev) + dlen;
442
443 ev = (void *) skb_put(skb, sizeof(*ev) + dlen);
444 ev->type = type;
445 memcpy(ev->data, data, dlen);
446
447 bt_cb(skb)->incoming = 1;
448 __net_timestamp(skb);
449
450 bt_cb(skb)->pkt_type = HCI_EVENT_PKT;
451 hci_send_to_sock(hdev, skb);
452 kfree_skb(skb);
453 }
454
455 void hci_sock_dev_event(struct hci_dev *hdev, int event)
456 {
457 BT_DBG("hdev %s event %d", hdev->name, event);
458
459 if (atomic_read(&monitor_promisc)) {
460 struct sk_buff *skb;
461
462 /* Send event to monitor */
463 skb = create_monitor_event(hdev, event);
464 if (skb) {
465 hci_send_to_channel(HCI_CHANNEL_MONITOR, skb,
466 HCI_SOCK_TRUSTED, NULL);
467 kfree_skb(skb);
468 }
469 }
470
471 if (event <= HCI_DEV_DOWN) {
472 struct hci_ev_si_device ev;
473
474 /* Send event to sockets */
475 ev.event = event;
476 ev.dev_id = hdev->id;
477 hci_si_event(NULL, HCI_EV_SI_DEVICE, sizeof(ev), &ev);
478 }
479
480 if (event == HCI_DEV_UNREG) {
481 struct sock *sk;
482
483 /* Detach sockets from device */
484 read_lock(&hci_sk_list.lock);
485 sk_for_each(sk, &hci_sk_list.head) {
486 bh_lock_sock_nested(sk);
487 if (hci_pi(sk)->hdev == hdev) {
488 hci_pi(sk)->hdev = NULL;
489 sk->sk_err = EPIPE;
490 sk->sk_state = BT_OPEN;
491 sk->sk_state_change(sk);
492
493 hci_dev_put(hdev);
494 }
495 bh_unlock_sock(sk);
496 }
497 read_unlock(&hci_sk_list.lock);
498 }
499 }
500
501 static struct hci_mgmt_chan *__hci_mgmt_chan_find(unsigned short channel)
502 {
503 struct hci_mgmt_chan *c;
504
505 list_for_each_entry(c, &mgmt_chan_list, list) {
506 if (c->channel == channel)
507 return c;
508 }
509
510 return NULL;
511 }
512
513 static struct hci_mgmt_chan *hci_mgmt_chan_find(unsigned short channel)
514 {
515 struct hci_mgmt_chan *c;
516
517 mutex_lock(&mgmt_chan_list_lock);
518 c = __hci_mgmt_chan_find(channel);
519 mutex_unlock(&mgmt_chan_list_lock);
520
521 return c;
522 }
523
524 int hci_mgmt_chan_register(struct hci_mgmt_chan *c)
525 {
526 if (c->channel < HCI_CHANNEL_CONTROL)
527 return -EINVAL;
528
529 mutex_lock(&mgmt_chan_list_lock);
530 if (__hci_mgmt_chan_find(c->channel)) {
531 mutex_unlock(&mgmt_chan_list_lock);
532 return -EALREADY;
533 }
534
535 list_add_tail(&c->list, &mgmt_chan_list);
536
537 mutex_unlock(&mgmt_chan_list_lock);
538
539 return 0;
540 }
541 EXPORT_SYMBOL(hci_mgmt_chan_register);
542
543 void hci_mgmt_chan_unregister(struct hci_mgmt_chan *c)
544 {
545 mutex_lock(&mgmt_chan_list_lock);
546 list_del(&c->list);
547 mutex_unlock(&mgmt_chan_list_lock);
548 }
549 EXPORT_SYMBOL(hci_mgmt_chan_unregister);
550
551 static int hci_sock_release(struct socket *sock)
552 {
553 struct sock *sk = sock->sk;
554 struct hci_dev *hdev;
555
556 BT_DBG("sock %p sk %p", sock, sk);
557
558 if (!sk)
559 return 0;
560
561 hdev = hci_pi(sk)->hdev;
562
563 if (hci_pi(sk)->channel == HCI_CHANNEL_MONITOR)
564 atomic_dec(&monitor_promisc);
565
566 bt_sock_unlink(&hci_sk_list, sk);
567
568 if (hdev) {
569 if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
570 /* When releasing an user channel exclusive access,
571 * call hci_dev_do_close directly instead of calling
572 * hci_dev_close to ensure the exclusive access will
573 * be released and the controller brought back down.
574 *
575 * The checking of HCI_AUTO_OFF is not needed in this
576 * case since it will have been cleared already when
577 * opening the user channel.
578 */
579 hci_dev_do_close(hdev);
580 hci_dev_clear_flag(hdev, HCI_USER_CHANNEL);
581 mgmt_index_added(hdev);
582 }
583
584 atomic_dec(&hdev->promisc);
585 hci_dev_put(hdev);
586 }
587
588 sock_orphan(sk);
589
590 skb_queue_purge(&sk->sk_receive_queue);
591 skb_queue_purge(&sk->sk_write_queue);
592
593 sock_put(sk);
594 return 0;
595 }
596
597 static int hci_sock_blacklist_add(struct hci_dev *hdev, void __user *arg)
598 {
599 bdaddr_t bdaddr;
600 int err;
601
602 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
603 return -EFAULT;
604
605 hci_dev_lock(hdev);
606
607 err = hci_bdaddr_list_add(&hdev->blacklist, &bdaddr, BDADDR_BREDR);
608
609 hci_dev_unlock(hdev);
610
611 return err;
612 }
613
614 static int hci_sock_blacklist_del(struct hci_dev *hdev, void __user *arg)
615 {
616 bdaddr_t bdaddr;
617 int err;
618
619 if (copy_from_user(&bdaddr, arg, sizeof(bdaddr)))
620 return -EFAULT;
621
622 hci_dev_lock(hdev);
623
624 err = hci_bdaddr_list_del(&hdev->blacklist, &bdaddr, BDADDR_BREDR);
625
626 hci_dev_unlock(hdev);
627
628 return err;
629 }
630
631 /* Ioctls that require bound socket */
632 static int hci_sock_bound_ioctl(struct sock *sk, unsigned int cmd,
633 unsigned long arg)
634 {
635 struct hci_dev *hdev = hci_pi(sk)->hdev;
636
637 if (!hdev)
638 return -EBADFD;
639
640 if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL))
641 return -EBUSY;
642
643 if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED))
644 return -EOPNOTSUPP;
645
646 if (hdev->dev_type != HCI_BREDR)
647 return -EOPNOTSUPP;
648
649 switch (cmd) {
650 case HCISETRAW:
651 if (!capable(CAP_NET_ADMIN))
652 return -EPERM;
653 return -EOPNOTSUPP;
654
655 case HCIGETCONNINFO:
656 return hci_get_conn_info(hdev, (void __user *) arg);
657
658 case HCIGETAUTHINFO:
659 return hci_get_auth_info(hdev, (void __user *) arg);
660
661 case HCIBLOCKADDR:
662 if (!capable(CAP_NET_ADMIN))
663 return -EPERM;
664 return hci_sock_blacklist_add(hdev, (void __user *) arg);
665
666 case HCIUNBLOCKADDR:
667 if (!capable(CAP_NET_ADMIN))
668 return -EPERM;
669 return hci_sock_blacklist_del(hdev, (void __user *) arg);
670 }
671
672 return -ENOIOCTLCMD;
673 }
674
675 static int hci_sock_ioctl(struct socket *sock, unsigned int cmd,
676 unsigned long arg)
677 {
678 void __user *argp = (void __user *) arg;
679 struct sock *sk = sock->sk;
680 int err;
681
682 BT_DBG("cmd %x arg %lx", cmd, arg);
683
684 lock_sock(sk);
685
686 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
687 err = -EBADFD;
688 goto done;
689 }
690
691 release_sock(sk);
692
693 switch (cmd) {
694 case HCIGETDEVLIST:
695 return hci_get_dev_list(argp);
696
697 case HCIGETDEVINFO:
698 return hci_get_dev_info(argp);
699
700 case HCIGETCONNLIST:
701 return hci_get_conn_list(argp);
702
703 case HCIDEVUP:
704 if (!capable(CAP_NET_ADMIN))
705 return -EPERM;
706 return hci_dev_open(arg);
707
708 case HCIDEVDOWN:
709 if (!capable(CAP_NET_ADMIN))
710 return -EPERM;
711 return hci_dev_close(arg);
712
713 case HCIDEVRESET:
714 if (!capable(CAP_NET_ADMIN))
715 return -EPERM;
716 return hci_dev_reset(arg);
717
718 case HCIDEVRESTAT:
719 if (!capable(CAP_NET_ADMIN))
720 return -EPERM;
721 return hci_dev_reset_stat(arg);
722
723 case HCISETSCAN:
724 case HCISETAUTH:
725 case HCISETENCRYPT:
726 case HCISETPTYPE:
727 case HCISETLINKPOL:
728 case HCISETLINKMODE:
729 case HCISETACLMTU:
730 case HCISETSCOMTU:
731 if (!capable(CAP_NET_ADMIN))
732 return -EPERM;
733 return hci_dev_cmd(cmd, argp);
734
735 case HCIINQUIRY:
736 return hci_inquiry(argp);
737 }
738
739 lock_sock(sk);
740
741 err = hci_sock_bound_ioctl(sk, cmd, arg);
742
743 done:
744 release_sock(sk);
745 return err;
746 }
747
748 static int hci_sock_bind(struct socket *sock, struct sockaddr *addr,
749 int addr_len)
750 {
751 struct sockaddr_hci haddr;
752 struct sock *sk = sock->sk;
753 struct hci_dev *hdev = NULL;
754 int len, err = 0;
755
756 BT_DBG("sock %p sk %p", sock, sk);
757
758 if (!addr)
759 return -EINVAL;
760
761 memset(&haddr, 0, sizeof(haddr));
762 len = min_t(unsigned int, sizeof(haddr), addr_len);
763 memcpy(&haddr, addr, len);
764
765 if (haddr.hci_family != AF_BLUETOOTH)
766 return -EINVAL;
767
768 lock_sock(sk);
769
770 if (sk->sk_state == BT_BOUND) {
771 err = -EALREADY;
772 goto done;
773 }
774
775 switch (haddr.hci_channel) {
776 case HCI_CHANNEL_RAW:
777 if (hci_pi(sk)->hdev) {
778 err = -EALREADY;
779 goto done;
780 }
781
782 if (haddr.hci_dev != HCI_DEV_NONE) {
783 hdev = hci_dev_get(haddr.hci_dev);
784 if (!hdev) {
785 err = -ENODEV;
786 goto done;
787 }
788
789 atomic_inc(&hdev->promisc);
790 }
791
792 hci_pi(sk)->hdev = hdev;
793 break;
794
795 case HCI_CHANNEL_USER:
796 if (hci_pi(sk)->hdev) {
797 err = -EALREADY;
798 goto done;
799 }
800
801 if (haddr.hci_dev == HCI_DEV_NONE) {
802 err = -EINVAL;
803 goto done;
804 }
805
806 if (!capable(CAP_NET_ADMIN)) {
807 err = -EPERM;
808 goto done;
809 }
810
811 hdev = hci_dev_get(haddr.hci_dev);
812 if (!hdev) {
813 err = -ENODEV;
814 goto done;
815 }
816
817 if (test_bit(HCI_INIT, &hdev->flags) ||
818 hci_dev_test_flag(hdev, HCI_SETUP) ||
819 hci_dev_test_flag(hdev, HCI_CONFIG) ||
820 (!hci_dev_test_flag(hdev, HCI_AUTO_OFF) &&
821 test_bit(HCI_UP, &hdev->flags))) {
822 err = -EBUSY;
823 hci_dev_put(hdev);
824 goto done;
825 }
826
827 if (hci_dev_test_and_set_flag(hdev, HCI_USER_CHANNEL)) {
828 err = -EUSERS;
829 hci_dev_put(hdev);
830 goto done;
831 }
832
833 mgmt_index_removed(hdev);
834
835 err = hci_dev_open(hdev->id);
836 if (err) {
837 if (err == -EALREADY) {
838 /* In case the transport is already up and
839 * running, clear the error here.
840 *
841 * This can happen when opening an user
842 * channel and HCI_AUTO_OFF grace period
843 * is still active.
844 */
845 err = 0;
846 } else {
847 hci_dev_clear_flag(hdev, HCI_USER_CHANNEL);
848 mgmt_index_added(hdev);
849 hci_dev_put(hdev);
850 goto done;
851 }
852 }
853
854 atomic_inc(&hdev->promisc);
855
856 hci_pi(sk)->hdev = hdev;
857 break;
858
859 case HCI_CHANNEL_MONITOR:
860 if (haddr.hci_dev != HCI_DEV_NONE) {
861 err = -EINVAL;
862 goto done;
863 }
864
865 if (!capable(CAP_NET_RAW)) {
866 err = -EPERM;
867 goto done;
868 }
869
870 /* The monitor interface is restricted to CAP_NET_RAW
871 * capabilities and with that implicitly trusted.
872 */
873 hci_sock_set_flag(sk, HCI_SOCK_TRUSTED);
874
875 send_monitor_replay(sk);
876
877 atomic_inc(&monitor_promisc);
878 break;
879
880 default:
881 if (!hci_mgmt_chan_find(haddr.hci_channel)) {
882 err = -EINVAL;
883 goto done;
884 }
885
886 if (haddr.hci_dev != HCI_DEV_NONE) {
887 err = -EINVAL;
888 goto done;
889 }
890
891 /* Users with CAP_NET_ADMIN capabilities are allowed
892 * access to all management commands and events. For
893 * untrusted users the interface is restricted and
894 * also only untrusted events are sent.
895 */
896 if (capable(CAP_NET_ADMIN))
897 hci_sock_set_flag(sk, HCI_SOCK_TRUSTED);
898
899 /* At the moment the index and unconfigured index events
900 * are enabled unconditionally. Setting them on each
901 * socket when binding keeps this functionality. They
902 * however might be cleared later and then sending of these
903 * events will be disabled, but that is then intentional.
904 *
905 * This also enables generic events that are safe to be
906 * received by untrusted users. Example for such events
907 * are changes to settings, class of device, name etc.
908 */
909 if (haddr.hci_channel == HCI_CHANNEL_CONTROL) {
910 hci_sock_set_flag(sk, HCI_MGMT_INDEX_EVENTS);
911 hci_sock_set_flag(sk, HCI_MGMT_UNCONF_INDEX_EVENTS);
912 hci_sock_set_flag(sk, HCI_MGMT_GENERIC_EVENTS);
913 }
914 break;
915 }
916
917
918 hci_pi(sk)->channel = haddr.hci_channel;
919 sk->sk_state = BT_BOUND;
920
921 done:
922 release_sock(sk);
923 return err;
924 }
925
926 static int hci_sock_getname(struct socket *sock, struct sockaddr *addr,
927 int *addr_len, int peer)
928 {
929 struct sockaddr_hci *haddr = (struct sockaddr_hci *) addr;
930 struct sock *sk = sock->sk;
931 struct hci_dev *hdev;
932 int err = 0;
933
934 BT_DBG("sock %p sk %p", sock, sk);
935
936 if (peer)
937 return -EOPNOTSUPP;
938
939 lock_sock(sk);
940
941 hdev = hci_pi(sk)->hdev;
942 if (!hdev) {
943 err = -EBADFD;
944 goto done;
945 }
946
947 *addr_len = sizeof(*haddr);
948 haddr->hci_family = AF_BLUETOOTH;
949 haddr->hci_dev = hdev->id;
950 haddr->hci_channel= hci_pi(sk)->channel;
951
952 done:
953 release_sock(sk);
954 return err;
955 }
956
957 static void hci_sock_cmsg(struct sock *sk, struct msghdr *msg,
958 struct sk_buff *skb)
959 {
960 __u32 mask = hci_pi(sk)->cmsg_mask;
961
962 if (mask & HCI_CMSG_DIR) {
963 int incoming = bt_cb(skb)->incoming;
964 put_cmsg(msg, SOL_HCI, HCI_CMSG_DIR, sizeof(incoming),
965 &incoming);
966 }
967
968 if (mask & HCI_CMSG_TSTAMP) {
969 #ifdef CONFIG_COMPAT
970 struct compat_timeval ctv;
971 #endif
972 struct timeval tv;
973 void *data;
974 int len;
975
976 skb_get_timestamp(skb, &tv);
977
978 data = &tv;
979 len = sizeof(tv);
980 #ifdef CONFIG_COMPAT
981 if (!COMPAT_USE_64BIT_TIME &&
982 (msg->msg_flags & MSG_CMSG_COMPAT)) {
983 ctv.tv_sec = tv.tv_sec;
984 ctv.tv_usec = tv.tv_usec;
985 data = &ctv;
986 len = sizeof(ctv);
987 }
988 #endif
989
990 put_cmsg(msg, SOL_HCI, HCI_CMSG_TSTAMP, len, data);
991 }
992 }
993
994 static int hci_sock_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
995 int flags)
996 {
997 int noblock = flags & MSG_DONTWAIT;
998 struct sock *sk = sock->sk;
999 struct sk_buff *skb;
1000 int copied, err;
1001
1002 BT_DBG("sock %p, sk %p", sock, sk);
1003
1004 if (flags & MSG_OOB)
1005 return -EOPNOTSUPP;
1006
1007 if (sk->sk_state == BT_CLOSED)
1008 return 0;
1009
1010 skb = skb_recv_datagram(sk, flags, noblock, &err);
1011 if (!skb)
1012 return err;
1013
1014 copied = skb->len;
1015 if (len < copied) {
1016 msg->msg_flags |= MSG_TRUNC;
1017 copied = len;
1018 }
1019
1020 skb_reset_transport_header(skb);
1021 err = skb_copy_datagram_msg(skb, 0, msg, copied);
1022
1023 switch (hci_pi(sk)->channel) {
1024 case HCI_CHANNEL_RAW:
1025 hci_sock_cmsg(sk, msg, skb);
1026 break;
1027 case HCI_CHANNEL_USER:
1028 case HCI_CHANNEL_MONITOR:
1029 sock_recv_timestamp(msg, sk, skb);
1030 break;
1031 default:
1032 if (hci_mgmt_chan_find(hci_pi(sk)->channel))
1033 sock_recv_timestamp(msg, sk, skb);
1034 break;
1035 }
1036
1037 skb_free_datagram(sk, skb);
1038
1039 return err ? : copied;
1040 }
1041
1042 static int hci_mgmt_cmd(struct hci_mgmt_chan *chan, struct sock *sk,
1043 struct msghdr *msg, size_t msglen)
1044 {
1045 void *buf;
1046 u8 *cp;
1047 struct mgmt_hdr *hdr;
1048 u16 opcode, index, len;
1049 struct hci_dev *hdev = NULL;
1050 const struct hci_mgmt_handler *handler;
1051 bool var_len, no_hdev;
1052 int err;
1053
1054 BT_DBG("got %zu bytes", msglen);
1055
1056 if (msglen < sizeof(*hdr))
1057 return -EINVAL;
1058
1059 buf = kmalloc(msglen, GFP_KERNEL);
1060 if (!buf)
1061 return -ENOMEM;
1062
1063 if (memcpy_from_msg(buf, msg, msglen)) {
1064 err = -EFAULT;
1065 goto done;
1066 }
1067
1068 hdr = buf;
1069 opcode = __le16_to_cpu(hdr->opcode);
1070 index = __le16_to_cpu(hdr->index);
1071 len = __le16_to_cpu(hdr->len);
1072
1073 if (len != msglen - sizeof(*hdr)) {
1074 err = -EINVAL;
1075 goto done;
1076 }
1077
1078 if (opcode >= chan->handler_count ||
1079 chan->handlers[opcode].func == NULL) {
1080 BT_DBG("Unknown op %u", opcode);
1081 err = mgmt_cmd_status(sk, index, opcode,
1082 MGMT_STATUS_UNKNOWN_COMMAND);
1083 goto done;
1084 }
1085
1086 handler = &chan->handlers[opcode];
1087
1088 if (!hci_sock_test_flag(sk, HCI_SOCK_TRUSTED) &&
1089 !(handler->flags & HCI_MGMT_UNTRUSTED)) {
1090 err = mgmt_cmd_status(sk, index, opcode,
1091 MGMT_STATUS_PERMISSION_DENIED);
1092 goto done;
1093 }
1094
1095 if (index != MGMT_INDEX_NONE) {
1096 hdev = hci_dev_get(index);
1097 if (!hdev) {
1098 err = mgmt_cmd_status(sk, index, opcode,
1099 MGMT_STATUS_INVALID_INDEX);
1100 goto done;
1101 }
1102
1103 if (hci_dev_test_flag(hdev, HCI_SETUP) ||
1104 hci_dev_test_flag(hdev, HCI_CONFIG) ||
1105 hci_dev_test_flag(hdev, HCI_USER_CHANNEL)) {
1106 err = mgmt_cmd_status(sk, index, opcode,
1107 MGMT_STATUS_INVALID_INDEX);
1108 goto done;
1109 }
1110
1111 if (hci_dev_test_flag(hdev, HCI_UNCONFIGURED) &&
1112 !(handler->flags & HCI_MGMT_UNCONFIGURED)) {
1113 err = mgmt_cmd_status(sk, index, opcode,
1114 MGMT_STATUS_INVALID_INDEX);
1115 goto done;
1116 }
1117 }
1118
1119 no_hdev = (handler->flags & HCI_MGMT_NO_HDEV);
1120 if (no_hdev != !hdev) {
1121 err = mgmt_cmd_status(sk, index, opcode,
1122 MGMT_STATUS_INVALID_INDEX);
1123 goto done;
1124 }
1125
1126 var_len = (handler->flags & HCI_MGMT_VAR_LEN);
1127 if ((var_len && len < handler->data_len) ||
1128 (!var_len && len != handler->data_len)) {
1129 err = mgmt_cmd_status(sk, index, opcode,
1130 MGMT_STATUS_INVALID_PARAMS);
1131 goto done;
1132 }
1133
1134 if (hdev && chan->hdev_init)
1135 chan->hdev_init(sk, hdev);
1136
1137 cp = buf + sizeof(*hdr);
1138
1139 err = handler->func(sk, hdev, cp, len);
1140 if (err < 0)
1141 goto done;
1142
1143 err = msglen;
1144
1145 done:
1146 if (hdev)
1147 hci_dev_put(hdev);
1148
1149 kfree(buf);
1150 return err;
1151 }
1152
1153 static int hci_sock_sendmsg(struct socket *sock, struct msghdr *msg,
1154 size_t len)
1155 {
1156 struct sock *sk = sock->sk;
1157 struct hci_mgmt_chan *chan;
1158 struct hci_dev *hdev;
1159 struct sk_buff *skb;
1160 int err;
1161
1162 BT_DBG("sock %p sk %p", sock, sk);
1163
1164 if (msg->msg_flags & MSG_OOB)
1165 return -EOPNOTSUPP;
1166
1167 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE))
1168 return -EINVAL;
1169
1170 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
1171 return -EINVAL;
1172
1173 lock_sock(sk);
1174
1175 switch (hci_pi(sk)->channel) {
1176 case HCI_CHANNEL_RAW:
1177 case HCI_CHANNEL_USER:
1178 break;
1179 case HCI_CHANNEL_MONITOR:
1180 err = -EOPNOTSUPP;
1181 goto done;
1182 default:
1183 mutex_lock(&mgmt_chan_list_lock);
1184 chan = __hci_mgmt_chan_find(hci_pi(sk)->channel);
1185 if (chan)
1186 err = hci_mgmt_cmd(chan, sk, msg, len);
1187 else
1188 err = -EINVAL;
1189
1190 mutex_unlock(&mgmt_chan_list_lock);
1191 goto done;
1192 }
1193
1194 hdev = hci_pi(sk)->hdev;
1195 if (!hdev) {
1196 err = -EBADFD;
1197 goto done;
1198 }
1199
1200 if (!test_bit(HCI_UP, &hdev->flags)) {
1201 err = -ENETDOWN;
1202 goto done;
1203 }
1204
1205 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
1206 if (!skb)
1207 goto done;
1208
1209 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
1210 err = -EFAULT;
1211 goto drop;
1212 }
1213
1214 bt_cb(skb)->pkt_type = *((unsigned char *) skb->data);
1215 skb_pull(skb, 1);
1216
1217 if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
1218 /* No permission check is needed for user channel
1219 * since that gets enforced when binding the socket.
1220 *
1221 * However check that the packet type is valid.
1222 */
1223 if (bt_cb(skb)->pkt_type != HCI_COMMAND_PKT &&
1224 bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
1225 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) {
1226 err = -EINVAL;
1227 goto drop;
1228 }
1229
1230 skb_queue_tail(&hdev->raw_q, skb);
1231 queue_work(hdev->workqueue, &hdev->tx_work);
1232 } else if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT) {
1233 u16 opcode = get_unaligned_le16(skb->data);
1234 u16 ogf = hci_opcode_ogf(opcode);
1235 u16 ocf = hci_opcode_ocf(opcode);
1236
1237 if (((ogf > HCI_SFLT_MAX_OGF) ||
1238 !hci_test_bit(ocf & HCI_FLT_OCF_BITS,
1239 &hci_sec_filter.ocf_mask[ogf])) &&
1240 !capable(CAP_NET_RAW)) {
1241 err = -EPERM;
1242 goto drop;
1243 }
1244
1245 if (ogf == 0x3f) {
1246 skb_queue_tail(&hdev->raw_q, skb);
1247 queue_work(hdev->workqueue, &hdev->tx_work);
1248 } else {
1249 /* Stand-alone HCI commands must be flagged as
1250 * single-command requests.
1251 */
1252 bt_cb(skb)->hci.req_start = true;
1253
1254 skb_queue_tail(&hdev->cmd_q, skb);
1255 queue_work(hdev->workqueue, &hdev->cmd_work);
1256 }
1257 } else {
1258 if (!capable(CAP_NET_RAW)) {
1259 err = -EPERM;
1260 goto drop;
1261 }
1262
1263 if (bt_cb(skb)->pkt_type != HCI_ACLDATA_PKT &&
1264 bt_cb(skb)->pkt_type != HCI_SCODATA_PKT) {
1265 err = -EINVAL;
1266 goto drop;
1267 }
1268
1269 skb_queue_tail(&hdev->raw_q, skb);
1270 queue_work(hdev->workqueue, &hdev->tx_work);
1271 }
1272
1273 err = len;
1274
1275 done:
1276 release_sock(sk);
1277 return err;
1278
1279 drop:
1280 kfree_skb(skb);
1281 goto done;
1282 }
1283
1284 static int hci_sock_setsockopt(struct socket *sock, int level, int optname,
1285 char __user *optval, unsigned int len)
1286 {
1287 struct hci_ufilter uf = { .opcode = 0 };
1288 struct sock *sk = sock->sk;
1289 int err = 0, opt = 0;
1290
1291 BT_DBG("sk %p, opt %d", sk, optname);
1292
1293 lock_sock(sk);
1294
1295 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
1296 err = -EBADFD;
1297 goto done;
1298 }
1299
1300 switch (optname) {
1301 case HCI_DATA_DIR:
1302 if (get_user(opt, (int __user *)optval)) {
1303 err = -EFAULT;
1304 break;
1305 }
1306
1307 if (opt)
1308 hci_pi(sk)->cmsg_mask |= HCI_CMSG_DIR;
1309 else
1310 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_DIR;
1311 break;
1312
1313 case HCI_TIME_STAMP:
1314 if (get_user(opt, (int __user *)optval)) {
1315 err = -EFAULT;
1316 break;
1317 }
1318
1319 if (opt)
1320 hci_pi(sk)->cmsg_mask |= HCI_CMSG_TSTAMP;
1321 else
1322 hci_pi(sk)->cmsg_mask &= ~HCI_CMSG_TSTAMP;
1323 break;
1324
1325 case HCI_FILTER:
1326 {
1327 struct hci_filter *f = &hci_pi(sk)->filter;
1328
1329 uf.type_mask = f->type_mask;
1330 uf.opcode = f->opcode;
1331 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
1332 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
1333 }
1334
1335 len = min_t(unsigned int, len, sizeof(uf));
1336 if (copy_from_user(&uf, optval, len)) {
1337 err = -EFAULT;
1338 break;
1339 }
1340
1341 if (!capable(CAP_NET_RAW)) {
1342 uf.type_mask &= hci_sec_filter.type_mask;
1343 uf.event_mask[0] &= *((u32 *) hci_sec_filter.event_mask + 0);
1344 uf.event_mask[1] &= *((u32 *) hci_sec_filter.event_mask + 1);
1345 }
1346
1347 {
1348 struct hci_filter *f = &hci_pi(sk)->filter;
1349
1350 f->type_mask = uf.type_mask;
1351 f->opcode = uf.opcode;
1352 *((u32 *) f->event_mask + 0) = uf.event_mask[0];
1353 *((u32 *) f->event_mask + 1) = uf.event_mask[1];
1354 }
1355 break;
1356
1357 default:
1358 err = -ENOPROTOOPT;
1359 break;
1360 }
1361
1362 done:
1363 release_sock(sk);
1364 return err;
1365 }
1366
1367 static int hci_sock_getsockopt(struct socket *sock, int level, int optname,
1368 char __user *optval, int __user *optlen)
1369 {
1370 struct hci_ufilter uf;
1371 struct sock *sk = sock->sk;
1372 int len, opt, err = 0;
1373
1374 BT_DBG("sk %p, opt %d", sk, optname);
1375
1376 if (get_user(len, optlen))
1377 return -EFAULT;
1378
1379 lock_sock(sk);
1380
1381 if (hci_pi(sk)->channel != HCI_CHANNEL_RAW) {
1382 err = -EBADFD;
1383 goto done;
1384 }
1385
1386 switch (optname) {
1387 case HCI_DATA_DIR:
1388 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_DIR)
1389 opt = 1;
1390 else
1391 opt = 0;
1392
1393 if (put_user(opt, optval))
1394 err = -EFAULT;
1395 break;
1396
1397 case HCI_TIME_STAMP:
1398 if (hci_pi(sk)->cmsg_mask & HCI_CMSG_TSTAMP)
1399 opt = 1;
1400 else
1401 opt = 0;
1402
1403 if (put_user(opt, optval))
1404 err = -EFAULT;
1405 break;
1406
1407 case HCI_FILTER:
1408 {
1409 struct hci_filter *f = &hci_pi(sk)->filter;
1410
1411 memset(&uf, 0, sizeof(uf));
1412 uf.type_mask = f->type_mask;
1413 uf.opcode = f->opcode;
1414 uf.event_mask[0] = *((u32 *) f->event_mask + 0);
1415 uf.event_mask[1] = *((u32 *) f->event_mask + 1);
1416 }
1417
1418 len = min_t(unsigned int, len, sizeof(uf));
1419 if (copy_to_user(optval, &uf, len))
1420 err = -EFAULT;
1421 break;
1422
1423 default:
1424 err = -ENOPROTOOPT;
1425 break;
1426 }
1427
1428 done:
1429 release_sock(sk);
1430 return err;
1431 }
1432
1433 static const struct proto_ops hci_sock_ops = {
1434 .family = PF_BLUETOOTH,
1435 .owner = THIS_MODULE,
1436 .release = hci_sock_release,
1437 .bind = hci_sock_bind,
1438 .getname = hci_sock_getname,
1439 .sendmsg = hci_sock_sendmsg,
1440 .recvmsg = hci_sock_recvmsg,
1441 .ioctl = hci_sock_ioctl,
1442 .poll = datagram_poll,
1443 .listen = sock_no_listen,
1444 .shutdown = sock_no_shutdown,
1445 .setsockopt = hci_sock_setsockopt,
1446 .getsockopt = hci_sock_getsockopt,
1447 .connect = sock_no_connect,
1448 .socketpair = sock_no_socketpair,
1449 .accept = sock_no_accept,
1450 .mmap = sock_no_mmap
1451 };
1452
1453 static struct proto hci_sk_proto = {
1454 .name = "HCI",
1455 .owner = THIS_MODULE,
1456 .obj_size = sizeof(struct hci_pinfo)
1457 };
1458
1459 static int hci_sock_create(struct net *net, struct socket *sock, int protocol,
1460 int kern)
1461 {
1462 struct sock *sk;
1463
1464 BT_DBG("sock %p", sock);
1465
1466 if (sock->type != SOCK_RAW)
1467 return -ESOCKTNOSUPPORT;
1468
1469 sock->ops = &hci_sock_ops;
1470
1471 sk = sk_alloc(net, PF_BLUETOOTH, GFP_ATOMIC, &hci_sk_proto, kern);
1472 if (!sk)
1473 return -ENOMEM;
1474
1475 sock_init_data(sock, sk);
1476
1477 sock_reset_flag(sk, SOCK_ZAPPED);
1478
1479 sk->sk_protocol = protocol;
1480
1481 sock->state = SS_UNCONNECTED;
1482 sk->sk_state = BT_OPEN;
1483
1484 bt_sock_link(&hci_sk_list, sk);
1485 return 0;
1486 }
1487
1488 static const struct net_proto_family hci_sock_family_ops = {
1489 .family = PF_BLUETOOTH,
1490 .owner = THIS_MODULE,
1491 .create = hci_sock_create,
1492 };
1493
1494 int __init hci_sock_init(void)
1495 {
1496 int err;
1497
1498 BUILD_BUG_ON(sizeof(struct sockaddr_hci) > sizeof(struct sockaddr));
1499
1500 err = proto_register(&hci_sk_proto, 0);
1501 if (err < 0)
1502 return err;
1503
1504 err = bt_sock_register(BTPROTO_HCI, &hci_sock_family_ops);
1505 if (err < 0) {
1506 BT_ERR("HCI socket registration failed");
1507 goto error;
1508 }
1509
1510 err = bt_procfs_init(&init_net, "hci", &hci_sk_list, NULL);
1511 if (err < 0) {
1512 BT_ERR("Failed to create HCI proc file");
1513 bt_sock_unregister(BTPROTO_HCI);
1514 goto error;
1515 }
1516
1517 BT_INFO("HCI socket layer initialized");
1518
1519 return 0;
1520
1521 error:
1522 proto_unregister(&hci_sk_proto);
1523 return err;
1524 }
1525
1526 void hci_sock_cleanup(void)
1527 {
1528 bt_procfs_cleanup(&init_net, "hci");
1529 bt_sock_unregister(BTPROTO_HCI);
1530 proto_unregister(&hci_sk_proto);
1531 }
Linux with added FPC-III support